What the vulnerability does

01Description

Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)

Key dates

02Disclosure timeline

June 4, 2026 CVE published
June 5, 2026 Record updated